Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
File: e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa (raw, json)
Hash identifier: m2Psh39w4AmeUsi8Zvj96De0fVmynZXsH7aHZihnE00=
Subject key identifier: A9:43:6F:D0:E5:56:13:1B:9E:3E:F5:DC:62:CA:E0:01:9A:B8:B9:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0958575A432410823ED93F5BFCA8CF1C2E16903E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
Signing time: Wed 20 May 2026 00:00:07 +0000
ROA not before: Wed 20 May 2026 00:00:07 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:58:57:5a:43:24:10:82:3e:d9:3f:5b:fc:a8:cf:1c:2e:16:90:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 00:00:07 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=e714f8649642b0191faadb0cf922e510e02163b335d2650d1afd3a8b2157b4aa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:a2:46:1a:f3:2d:55:ec:3f:48:56:6d:b6:42:
42:e7:d4:30:d9:ec:ed:25:df:6b:87:5a:08:11:9f:
0f:88:79:34:1d:42:f0:11:7d:07:c6:83:15:33:cd:
5a:a4:99:e2:87:9a:35:a4:75:e6:8b:c5:74:82:fd:
dc:4a:e0:55:d2:1e:93:6c:bd:03:55:9a:47:d1:5a:
2f:b0:3d:14:9a:04:78:3b:c7:74:1c:7f:1f:00:ed:
04:60:f7:2a:90:de:03:8f:46:7d:60:dc:45:bb:b2:
ad:84:e9:e5:5d:4c:2a:a9:9a:f8:8a:c5:a4:6c:5f:
b3:58:9d:02:87:19:16:17:24:ff:61:83:5f:ef:66:
ce:e0:e7:a4:dc:b6:c9:46:70:92:e8:0e:b8:c6:fa:
87:36:78:ae:ad:24:5b:17:5b:3f:b6:0b:74:4e:90:
ba:37:6c:73:fa:0b:08:56:02:2e:28:83:10:ea:d5:
5e:d2:36:0e:62:2c:45:5b:30:86:b5:d7:a5:59:73:
fe:28:69:b3:1d:4d:2a:ce:dd:7b:a1:cc:ff:7e:ca:
02:f4:6e:dc:64:32:45:42:b8:64:05:c4:f8:82:9a:
0c:17:28:77:f4:c4:2f:1b:1d:9c:b6:53:84:ae:19:
95:dc:ef:32:8e:cb:08:28:58:87:ae:cb:bc:84:02:
d7:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:43:6F:D0:E5:56:13:1B:9E:3E:F5:DC:62:CA:E0:01:9A:B8:B9:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/17
Signature Algorithm: sha256WithRSAEncryption
9e:46:67:82:70:53:f8:11:e0:3c:8b:39:49:e9:84:f8:07:7c:
78:68:24:95:40:92:a3:a8:27:02:dc:25:5e:90:7b:d2:5a:57:
fe:29:6d:84:ba:c6:e9:a2:fd:87:87:d8:85:fa:81:67:98:07:
d6:29:03:f6:59:e5:85:cb:24:72:d8:fb:97:1f:d4:17:91:21:
79:b4:20:5a:7b:99:b5:72:72:ad:3f:33:10:cd:b7:76:02:be:
46:b2:f5:db:6b:d7:67:3a:fc:56:26:da:30:a1:e3:fe:27:41:
e6:c5:4d:5c:14:31:08:1a:d3:2b:d0:f7:c6:30:d4:ab:30:f9:
ff:af:87:54:3a:ce:10:6b:86:7f:d7:b9:02:a2:14:d9:ae:53:
80:7f:15:7d:c7:07:9c:36:5e:8f:96:c2:d3:d4:78:37:a4:59:
68:11:58:e4:9d:7c:5d:3c:e9:8a:15:c8:6c:f4:f8:ec:f3:66:
18:c0:5f:96:cd:e0:aa:86:1b:9a:7c:a2:95:09:72:e7:71:db:
b9:3d:a1:7c:dd:a7:3e:2b:ef:80:b5:c4:1f:a8:02:dc:8b:51:
4a:3d:be:96:13:07:94:d1:ff:af:e3:74:d9:47:dc:8a:fc:ae:
07:dd:2c:b3:d9:c0:cd:68:42:12:7d:ab:cb:43:14:30:30:24:
3e:56:3f:1a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCVhXWkMkEII+2T9b/KjPHC4WkD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjAwMDAwMDdaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3MTRmODY0OTY0MmIwMTkxZmFhZGIwY2Y5MjJlNTEwZTAyMTYzYjMzNWQy
NjUwZDFhZmQzYThiMjE1N2I0YWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPuiRhrzLVXsP0hWbbZCQufUMNns7SXfa4daCBGfD4h5NB1C8BF9B8aDFTPN
WqSZ4oeaNaR15ovFdIL93ErgVdIek2y9A1WaR9FaL7A9FJoEeDvHdBx/HwDtBGD3
KpDeA49GfWDcRbuyrYTp5V1MKqma+IrFpGxfs1idAocZFhck/2GDX+9mzuDnpNy2
yUZwkugOuMb6hzZ4rq0kWxdbP7YLdE6Qujdsc/oLCFYCLiiDEOrVXtI2DmIsRVsw
hrXXpVlz/ihpsx1NKs7de6HM/37KAvRu3GQyRUK4ZAXE+IKaDBcod/TELxsdnLZT
hK4ZldzvMo7LCChYh67LvIQC11cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSpQ2/Q
5VYTG54+9dxiyuABmri5wzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTNhMGIyMDAtM2YxNi00ZWI3LWFhMGEtZmNjYzQ2YTkwOTJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB099ADAN
BgkqhkiG9w0BAQsFAAOCAQEAnkZngnBT+BHgPIs5SemE+Ad8eGgklUCSo6gnAtwl
XpB70lpX/ilthLrG6aL9h4fYhfqBZ5gH1ikD9lnlhcskctj7lx/UF5EhebQgWnuZ
tXJyrT8zEM23dgK+RrL122vXZzr8VibaMKHj/idB5sVNXBQxCBrTK9D3xjDUqzD5
/6+HVDrOEGuGf9e5AqIU2a5TgH8VfccHnDZej5bC09R4N6RZaBFY5J18XTzpihXI
bPT47PNmGMBfls3gqoYbmnyilQly53HbuT2hfN2nPivvgLXEH6gC3ItRSj2+lhMH
lNH/r+N02UfcivyuB90ss9nAzWhCEn2ry0MUMDAkPlY/Gg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:29 2026 by rpki-client